Kubelet should require HTTPS connections
Set up the kubernetes integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
Setup TLS connection on the Kubelets.
Rationale
Kubelet communication contains sensitive parameters that should remain encrypted in transit. Configure the Kubelets to serve only HTTPS traffic.
- If using a Kubelet config file, edit the file to set
tlsCertFile
to the location of the certificate file to use to identify this Kubelet, and tlsPrivateKeyFile
to the location of the corresponding private key file. - If using command line arguments, edit the kubelet service file
/etc/systemd/system/kubelet.service.d/10-kubeadm.conf
on each worker node and set the below parameters in KUBELET_CERTIFICATE_ARGS
variable.
--tls-cert-file=<path/to/tls-certificate-file>
--tls-private-key-file=<path/to/tls-key-file>
- Restart the kubelet service.